Last time out, I added support for RSASSA-PSS encoded signatures to the ursa Node.js module. The code I added exposes the OpenSSL implementation of RSASSA-PSS to Node.js programs. RFC 3447 recommends new applications use RSASSA-PSS instead of the older RSASSA-PKCS1-v1_5 scheme.
RFC 3447 also recommends new applications use RSAES-OAEP ciphertext encoding instead of the older RSAES-PKCS1-v1_5 scheme. ursa already exposes the OpenSSL RSAES-OAEP implementation to Node.js programs.
The PSS algorithm relies on hash functions and so the Forge implementation necessarily relies on other bits of Forge.
So what I ended up doing was to add a PSS implementation to jsjws, using RFC 3447 and the Forge PSS implementation as references. The code isn't too complicated but it's best to read it alongside the spec. You'll also need to refer to the encoding section of the spec.
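The encoding section of RFC 3447 (section 9.1) is easier to follow with the steps written out. The following is an added example, not the jsjws or Forge code; it assumes SHA-256 as the hash, MGF1 as the mask generation function and a salt as long as the hash output, and the function names are illustrative.

```javascript
// Added example: EMSA-PSS encode/verify (RFC 3447, section 9.1). Assumes SHA-256 and MGF1.
const crypto = require('crypto');
const HLEN = 32; // SHA-256 output length in octets
const sha = (...parts) => crypto.createHash('sha256').update(Buffer.concat(parts)).digest();

// MGF1 (RFC 3447, appendix B.2.1): Hash(seed || counter) blocks, truncated to len.
function mgf1(seed, len) {
  const blocks = [];
  for (let i = 0; blocks.length * HLEN < len; i++) {
    const counter = Buffer.alloc(4);
    counter.writeUInt32BE(i);
    blocks.push(sha(seed, counter));
  }
  return Buffer.concat(blocks).subarray(0, len);
}

function xor(a, b) {
  const out = Buffer.alloc(a.length);
  for (let i = 0; i < a.length; i++) out[i] = a[i] ^ b[i];
  return out;
}

// emBits is the RSA modulus bit length minus one.
function pssEncode(msg, emBits, sLen = HLEN, salt = crypto.randomBytes(sLen)) {
  const emLen = Math.ceil(emBits / 8);
  if (emLen < HLEN + sLen + 2) throw new Error('encoding error');
  const h = sha(Buffer.alloc(8), sha(Buffer.from(msg)), salt); // Hash(0x00*8 || mHash || salt)
  const db = Buffer.concat([Buffer.alloc(emLen - sLen - HLEN - 2), Buffer.from([1]), salt]);
  const maskedDb = xor(db, mgf1(h, db.length));
  maskedDb[0] &= 0xff >> (8 * emLen - emBits); // clear the bits beyond emBits
  return Buffer.concat([maskedDb, h, Buffer.from([0xbc])]);
}

function pssVerify(msg, em, emBits, sLen = HLEN) {
  const emLen = Math.ceil(emBits / 8);
  const topMask = 0xff >> (8 * emLen - emBits);
  if (em.length !== emLen || emLen < HLEN + sLen + 2 || em[emLen - 1] !== 0xbc) return false;
  const maskedDb = em.subarray(0, emLen - HLEN - 1);
  const h = em.subarray(emLen - HLEN - 1, emLen - 1);
  if (maskedDb[0] & ~topMask & 0xff) return false; // unused top bits must be zero
  const db = xor(maskedDb, mgf1(h, maskedDb.length));
  db[0] &= topMask;
  const psLen = emLen - HLEN - sLen - 2;
  if (db.subarray(0, psLen).some((b) => b !== 0) || db[psLen] !== 0x01) return false;
  const salt = db.subarray(psLen + 1);
  return crypto.timingSafeEqual(h, sha(Buffer.alloc(8), sha(Buffer.from(msg)), salt));
}
```

The encoded block is what the RSA private-key operation is applied to, so for a 2048-bit key `emBits` is 2047 and the block is 256 octets long.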
RSASSA-PSS encoding is now merged into jsjws mainline. In a future post I'll describe a simple signing and verification library I wrote which makes it easy to use PSS (and OAEP) for common cases on Node.js or in the browser. I'll also describe some interoperability tests I ran between OpenSSL, Node.js and the browser.
Next time out, I'll describe another enhancement I made to jsjws plus some libraries I derived from it.